Am Donnerstag, 11. Mai 2006 17:38 schrieb Christopher Carver: > If you want to use rlm_sql you do this with the tables radius.usergroup > and radius.radgroupcheck. In radius.radgroupcheck you'd have something > like this: > > +----+---------------+-----------+----+--------+ > > | id | GroupName | Attribute | op | Value | > > +----+---------------+-----------+----+--------+ > > | 1 | RASUser | Auth-Type | := | system | > > Then in radius.usergroup for each user you want in this group you'll > have a row like this: > > +--------+----------+---------------+ > > | id | UserName | GroupName | > > +--------+----------+---------------+ > > | 39747 | thisuser | RASUser | > > That pasted rather ugly, but I think you should get the point. Using > sql eliminates the need for the users file to be able to do what you > asked about. Let me know if this doesn't answer your question. > > Chris Carver
Thanks for your answer. But I think this is not quite what I was looking for. I want to administer the passwords in MySQL, not in the system, so I need Auth-Type := Local. And this authenticates every user that is in the database, not only these in the specific group. I solved it adding DEFAULT Group !="RASUser", Auth-Type := Reject in my files. -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B Skype: misch42
pgpQQAJ9wQU6H.pgp
Description: PGP signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
